As GDPR Turns One, U.S. Companies Ask, "Are We Next?"

A significant portion of Internet users through their actions are telling companies that they want to exercise more control over their personal data. Now that even more countries around the world are embracing GDPR style regulations, one big global tech giant in the United States is saying the time has arrived for the U.S. to have a federal law similar to that in Europe and other countries. ALSO: IBM Watson's AI is now available for use in agriculture and weather; AI is growing but so is user distrus; IoT impact is expected to grow significantly in the next six years; Microsoft continues to push their cross platform impact with new services for MacOS; and GitLab now supports Docker Containers on Windows.

It's time for the United States to join the European Union, Brazil, China, India, Japan, South Korea and Thailand in passing legislation that allows its citizens a greater degree of control over their personal data collection and use, wrote Julie Brill - Corporate Vice President and Deputy General Counsel, Microsoft. Brill's blog post was published to coincide with the first anniversary of the EU's General Data Protection Regulation. The post cites a growing demand for control over personal information:

The ever-growing number of people using our privacy dashboard is a clear sign that people want to be empowered to control their data. Since GDPR went into effect, more than 18 million people from around the world have used our tool to manage their personal information. The highest level of engagement, both on a per capita basis and in absolute numbers, continues to come from the United States where about 6.7 million people have used the dashboard.

[…]

No matter how much work companies like Microsoft do to help organizations secure sensitive data and empower individuals to manage their own data, preserving a strong right to privacy will always fundamentally be a matter of law that falls to governments. Despite the high level of interest in exercising control over personal data from U.S. consumers, the United States has yet to join the EU and other nations around the world in passing national legislation that accounts for how people use technology in their lives today.

Brill for federal legislation that upholds a fundamental right to privacy, requires greater accountability and transparency in how companies use the personal information they collect, places accountability obligations on the companies that collect and use sensitive personal information, and includes strong enforcement provisions.

Until the U.S. Congress acts on a nationwide level, there's always state law. On January 1, 2020, the California Consumer Privacy Act (CCPA) will go into effect. It's the first state data privacy law and gives Californians the following rights:

They have the right to corporate disclosure of how their personal data is being collected and used.

They have the right to access personal information that is collected.

They have the right to request personal information be deleted.

They have the right to know how their personal information is being shared and with whom.

They have the right to opt out of the sale of their personal information.

They have the right to equal service and price, regardless of whether or not they share data.